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DETAILED ACTION 

1 . This action is response to communication: amendment received 05/26/2009. 

2. Claims 1-16 and 47-48 are current pending in this application. Claims 17-46 
have been withdrawn. . 

3. No new IDS has been received. 



Response to Arguments 

4. Applicant's arguments filed 05/26/2009 have been fully considered but they are 
not persuasive. 

The applicants have argued that the AAPA does not teach wherein the 
identification is a user identification. However, this is still taught by Fee, as seen in the 
previous rejection for claim 2. Fee is relevant art, and it would have been obvious to 
combine Fee, as Fee is directed toward applying security policies to determine whether 
given code assemblies may be trusted. As taught in Fee paragraphs 8 and 9, this 
would allow flexibility to determine which assemblies to be trusted and would increase 
the security of the system. 

5. The applicants' arguments with regards to amended claims 47 are persuasive 
and the previous rejections have been withdrawn. 
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Claim Rejections - 35 USC §112 

6. The previous 112 rejections have been withdrawn in response to applicant's 
amendments and arguments. 

Claim Rejections - 35 USC § 103 

7. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

8. Claims 1, 2, 4, and 5 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over the Applicant's Admitted Prior Art (hereinafter the AAPA), and in view of Fee US 
Patent Application Publication 20030041267 (hereinafter Fee). 

As per claim 1 , the AAPA (used the paragraphs from publication) teaches an 
apparatus comprising instantiating in a managed code to execute with a runtime loader 
(paragraphs 2 and 3 of publication), for executing first and second assemblies of the 
one or more of the files instantiated in the managed code (paragraphs 2, 3, 4, and 5); 
means for making a call for access by the first assembly of the one or more files 
instantiated in the managed code to the second assembly of one or more files 
instantiated in the managed code (paragraphs 4 and 5); and means, based upon an ID 
for at least one of the first and second assemblies of the one or more files, for 
determining access privileges of the first assembly of the one or more files to the 
second assembly of one or more files (paragraphs 4 and 6). 
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However, at the time of the invention, the AAPA does not explicitly teach virtual 
machine means. However, this is taught throughout Fee, such as in paragraph 30. 
Further, Fee teaches the use of security policies relating to user identifiers such as in 
paragraphs 37, 55, 58, and 72. 

At the time of the invention, it would have been obvious to one of ordinary skill in 
the art to combine the AAPA and the Fee references. One of ordinary skill in the art 
would have been motivated to include virtual machine means and user identifiers 
associated with security policies to dynamically and flexibly determine whether an 
assembly may be trusted with some amount of access to the user's system, as this 
would increase security. (Fee paragraph 8). 

As per claim 2, the AAPA teaches an execution engine, instantiated in a native 
code, to execute the virtual machine in runtime; a compiler to compile each of the first 
and second assemblies into native code for execution as native code (pargarph 3 of 
AAPA, wherein managed code is compiled into native code prior to execution). As seen 
in the AAPA, all the managed code is compiled into native code before runtime. As 
seen in Fee, such as in the abstract and throughout the reference, code is executed in 
runtime, and as seen in paragraphs 31 , 32, and throughout the reference, an operating 
system is run in this environment to execute the assemblies. 

As per claim 4, Fee teaches wherein the means for determining access privileges 
further comprise: means for preventing the access of the first assembly to the second 
assembly when the determination based upon the ID for at least one of the first and 
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second assemblies is unfavorable based upon predetermined criteria for the respective 
IDs (paragraphs 34, 42, 54, 64, 67, 68, and also AAPA paragraphs 4 and 6). 

As per claim 5, Fee teaches wherein the means for determining access privileges 
further comprises: means for preventing the access of the first assembly to the second 
assembly when the ID for the first assembly does not match the ID for the second 
assembly based upon a predetermined match criteria for the respective IDs (paragraphs 
34, 42, 54, 64, 67, 68, and also AAPA paragraphs 4 and 6). 

9. Claims 3, 7, 14, 15, 16, and 48 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over the AAPA and Fee combination as applied above, and further in view 
of Bromley et al. US Patent No. 7,266,677 (hereinafter Bromley). 

As per claim 3, Fee teaches an execution engine means, in a native code 
portion, for executing the virtual machine means in runtime (abstract, paragraph 9, 25, 
31), means, in a native code portion, for providing an operating system to be executed 
with the virtual machine means (paragraph 30, 31 , and 33). For further details on 
"native" code, which is also known as machine code or assembly code, Bromley 
teaches these limitations, such as in col. 3 line 60-col. 4 line 4;col. 1 1 line 52 to col. 12 
line 15; col. 12 line 35-col. 12 line 52; col. 12 line 45 to col. 13 line). 

At the time of the invention, it would have been obvious to one of ordinary skill in 
the art to combine the teachings of the AAPA combination with Bromley. One of 
ordinary skill in the art would have been motivated to perform such an addition to allow 
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flexibility in systems, as it allows systems to communicate with each other when they 
operate in different operating environments (col. 2 lines 21-37). The references deal 
with communications across different networks that utilize assemblies. 

As per claim 7, Fee teaches the means for determining access privileges further 
comprising means for permitting the access of the first assembly to the second 
assembly when the ID for the first assembly matches the ID for the second assembly 
based upon a predetermined match criteria for the respective IDs (paragraphs 34, 42, 
54, 64, 67, 68, and also AAPA paragraphs 4 and 665). Bromley teaches wherein the 
assemblies from an intermediate language code and meta data are compiled into native 
code (col. 11 line 53 to col. 12 line 14; col. 12 line 35 to col. 13 line 5). Although 
metadata is not expclitly taught, it would have been obvious and common sense to 
compile all necessary information into native code. Bromley teaches that the necessary 
information is compiled into native code, and thus, it would have been obvious and 
common sense to convert meta data, if needed, into native code as well if this data 
needed to be utilized. A CLR loader is also taught in paragraph 3 of the AAPA. 

Further, Bromely teaches the means for executing the compiled native code in 
the native code portion, wherein the first assembly accesses the second assembly (col. 
12 lines 1-14, and the accessing of assemblies taught throughout Bromley and Fee). 

As per claim 14, Bromley teaches wherein the execution engine means in the 
native code portion further comprises a compiler to compile each said assembly into 
native code for execution by the native code portion (col. 3 lines 60-col. 4 line 4; col. 1 1 
line 52 to col. 12 line 15; col. 12 line 35 to col. 12 line 52). 
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Claim 15 is rejected using the same basis of arguments used to reject claim 7 
above. Further, the AAPA teaches JIT that compilers may be used to compile code. 

As per claim 16, Bromley teaches means, in the native code portion, for forming 
a response to the call. , and means for returning the response to the first assembly in 
the managed code portion (col. 3 lines 60-col. 4 line 4; col. 11 line 52 to col. 12 line 15; 
col. 12 line 35 to col. 12 line 52). 

10. Claim 6 is rejected under 35 U.S.C. 103(a) as being unpatentable over the Fee, 
AAPA, and Bromley as applied, and further in view of Segarra et al. US Patent No. 
4,430,699 (hereinafter Segarra). 

As per claim 6, the AAPA combination teaches preventing access of the first 
assembly to the second assembly, but does not explicitly teach wherein the rules are 
based upon application domains. However, this is taught by Segarra, such as in col. 34 
lines 30-40. 

At the time of the invention, it would have been obvious to one of ordinary skill in 
the art to combine the Segarra reference with the AAPA combination. One of ordinary 
skill in the art would have been motivated to perform such an addition to allow more 
security options to be available. As multiple systems are communicating with each 
other, it would be obvious to not allow systems with different application domains to 
communicate with each other, as it may lead to security problems. Further, Segarra 
deals with computer networks communicating with one another, and these teachings 
coincide with the teachings of the AAPA and Fee. 
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1 1 . Claims 8 and 9 are rejected under 35 U.S.C. 1 03(a) as being unpatentable over 
the Fee combination as applied above, and further in view of Hardman et al. US Patent 
no. 2004/0059941 (hereinafter Hardman) 

As per claim 8, the Bromley combination does not explicitly teach permitting 
access of the first assembly to the second assembly when a previous said access has 
been permitted. However, this type of access control is well known in the art, and is 
illustrated by Hardman in paragraph 51 . 

At the time of the invention, it would have been obvious to one of ordinary skill in 
the art to combine the teachings of Hardman with the Fee combination. One of ordinary 
skill in the art would have been motivated to perform such an addition to save time. As 
a user has already been authenticated once, it would not always be necessary to 
authenticate the user again once he's been authenticated. This would save time and 
processing speed. These type of access controls are well known in the art. Further, it 
teaches in paragraph 10 that it would be beneficial to provide one-time authorization 
and access to systems. 

As per claim 9, Hardman teaches wherein the previous said access had been 
permitted following a prior said determination that was favorabe based upon a 
predetermined comparison criteria for the respective IDs (paragraph 26). 
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12. Claims 10-12 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
The Fee combination as applied above, and further in view of Borza US Patent No. 
6,076,167 (hereinafter Borza) 

As per claim 10, means for compiling at least one of the first and second 
assemblies into native code is taught by Bromley, such as in col. 12 as described 
earlier. Further, permitting the means for compiling to compile at least one of the first 
and second assemblies into native code is taught by Bromley in col. 12 lines 35-col. 13 
line 5. However, at the time of the invention, the Bromley combination does not 
explicitly teach accuracy means, prior to the means for determinig access privileges, for 
determining whether the ID is accurate for the first and second assemblies. However, 
checking accuracy means before determining privileges and delying the determiniation 
until the ID is accurate is taught in Borza col. 12 lines 45-55. 

At the time of the invention, it would have been obvious to implement the ideas 
taught by Borza with the Fee combination. One of ordinary skill in the art would have 
been motivated to perform such an addition to provide a method for securely 
transmitting data and for securely transmitting data across a network taht is capable of 
real time modification in order to increase security (col. 2 lines 1-7). 

As per claim 1 1 , the combination of Borza with the Bromley combination teaches 
these limitations of the claims. Fee and the APPA teaches that the assemblies are 
able to communicate after IDs are checked and accurate, as seen in the arguments 
above.. Bromley then teaches that the code is compiled into native code for runtime in 
col. 12 lines 1-14 and col. 12 lines 40-67. Also shown in col. 13 lines 15-24. 
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As per claim 12, Borza teaches in col. 12 lines 45-55 that the ID's must be 
accurate before proceeding to access privileges. Therefore, since access privileges are 
halted, all other steps subsequently following it must halt as well, which would halt the 
system before it would run. 

1 3. Claim 1 3 is rejected under 35 U.S.C. 1 03(a) as being unpatentable over the Fee 
combination as applied above, and further in view of Rompaey et al. US Patent No. 
5,870,588 (hereinafter Rompaey). 

As per claim 13, the Fee, AAPA, and Bromley combination teach the compilers 
and metadata, as seen in the rejection for claim 7 above. However, the combination 
does not teach all the limitations of this claim. These limitations are taught by the 
Rompaey reference, in combination with the Fee, AAPA, and Bromley references. 
Rompaey teaches this, such as in col. 5 lines 28-54. 

At the time of the invention, it would have been obvious to one of ordinary skill in 
the art to combine the references of Rompaey with the Fee combination. One of 
ordinary skill in the art would have been motivated to perform such an addition to 
provide synthesis tools to allow code to run independently of their design environments. 
Col. 5 lines 45-55. 



Allowable Subject Matter 

14. Claims 47 and 48 are allowed. 
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The following is a statement of reasons for the indication of allowable subject 
matter: 

The applicants have amended the claims to overcome the prior art, and have 
clearly and persuasively argued that the amended claims overcome the prior art of 
record. 



Conclusion 

1 5. Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See M PEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 
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16. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to www. whose telephone number is (571)272-6431 . The 
examiner can normally be reached on M-F, 7:00 am to 4:30 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kambiz Zand can be reached on (571 ) 272-381 1 381 1 . The fax phone 
number for the organization where this application or proceeding is assigned is 571- 
273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 

Jason Gee 
Patent Examiner 
Technology Center 2400 
07/22/2009 

/Kambiz Zand/ 

Supervisory Patent Examiner, Art Unit 2434 



